Logout

[francoismarais]

I am trying to invalidate the users tokens when they log out, or atleast destroy the secret. However the user is not allowed to destroy their own secret?

Or if theres a way to revoke the refresh token that would be great.

As per the following response:
{ "headers": {}, "body": "{\"errors\":[{\"message\":\"You are not allowed to revoke the user secret.\",\"extensions\":{\"category\":\"user\"},\"locations\":[{\"line\":2,\"column\":25}],\"path\":[\"revokeUserSecret\"]}],\"data\":{\"revokeUserSecret\":null},\"extensions\":{\"debug\":[],\"queryAnalyzer\":{\"keys\":\"7c641d11aa0024c3f7bc8f4177ba595cea3f03eff4f9733fdc288c9e997f7572 graphql:Mutation operation:RevokeUserSecret\",\"keysLength\":108,\"keysCount\":3,\"skippedKeys\":\"\",\"skippedKeysSize\":0,\"skippedKeysCount\":0,\"skippedTypes\":[]}}}", "response": { "code": 200, "message": "OK" }, "cookies": [], "filename": null, "http_response": { "data": null, "headers": null, "status": null     } }

If someone has any insight into how to do this that would be appreciated.